RubyGems - dradis-nexpose - Versions diffs - 4.0.0 → 4.1.0 - Mend

dradis-nexpose 4.0.0 → 4.1.0

Files changed (7) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +47 -62
data/CHANGELOG.template +12 -0
data/dradis-nexpose.gemspec +1 -1
data/lib/dradis/plugins/nexpose/gem_version.rb +1 -1
data/lib/nexpose/vulnerability.rb +3 -3
metadata +6 -5

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 3221e4566a6908aac405d51d9f5d165cd67229c0f8ea0f2361775d1b238eab6a
-  data.tar.gz: c518c809aafcf83da0dc452b471a4831ce21396b7205b482f53e2bf1495d23d1
+  metadata.gz: 8fd614ab4ae6d76629846fcc4b4446ae557f34057bc60abee7a10e7e73859bd9
+  data.tar.gz: f41b9074788b7c48ee2868424cceeb0d4857499c1ed1a811920c9887cc283be8
 SHA512:
-  metadata.gz: bfb28ff16fb0fee4d491828fff1e3e8caf8c09e2cc6ad1ddb29ed2c7c4abe0c86f5d3064c037f8773dda53d857bf61f350fe4947f49a3be55b0d726e173ae9a0
-  data.tar.gz: 9096410b85f110249f860cd5a875cc8788a5d194519f5e78413198721e7399cd4ba5667d3ce92df61915706d848cd214850e26e3a31a070b7b490ca24b0b9425
+  metadata.gz: 5ee4f44de8248385c6fc0d4ced288088bc2561b7dc2ad0e5fce555f2ec86186092cd23d7d85ef790f439df3f27c731c9e78f892042aaad68a5dddedbeb5ff0f0
+  data.tar.gz: 076bffc61f49b676914e19f075fc23da290d4e87f88d227e4c9efcf519e8078d5f0a961e5e59785da2da86ae9b74aa18773cf7e688ddbf10f33d1eeaa29ee5e5

data/CHANGELOG.md CHANGED Viewed

@@ -1,81 +1,66 @@
-## Dradis Framework 4.0.0 (July, 2021) ##
+v4.1.0 (November 2021)
+  - Update HTML tag cleanup to better cover `UnorderedList` and `URLLink` tags in the solution field
-*   Update HTML tag cleanup
+v4.0.0 (July 2021)
+  - Expand coverage for cipher wrapping to ssl-anon-ciphers and ssl-only-weak-ciphers
+  - Update HTML tag cleanup
-## Dradis Framework 3.22 (April, 2021) ##
+v3.22.0 (April 2021)
+  - No changes
-*   No changes.
+v3.21.0 (February 2021)
+  - No changes
-## Dradis Framework 3.21 (February, 2021) ##
+v3.20.0 (December 2020)
+  - Expand coverage for cipher wrapping
-*   No changes.
+v3.19.0 (September 2020)
+  - No changes
-## Dradis Framework 3.20 (December, 2020) ##
+v3.18.0 (July 2020)
+  - No changes
-*   Expand coverage for cipher wrapping
+v3.17.0 (May 2020)
+  - Expand coverage for cipher wrapping
-## Dradis Framework 3.19 (September, 2020) ##
+v3.16.0 (February 2020)
+  - No changes
-*   No changes.
+v3.15.0 (November 2019)
+  - Wrap ciphers in code blocks
-## Dradis Framework 3.18 (July, 2020) ##
+v3.14.0 (August 2019)
+  - Add risk-score attribute to nodes
-*   No changes.
+v3.13.0 (June 2019)
+  - No changes
-## Dradis Framework 3.17 (May, 2020) ##
+v3.12.0 (March 2019)
+  - No changes
-*   Expand coverage for cipher wrapping
+v3.11.0 (November 2018)
+  - No changes
-## Dradis Framework 3.16 (February, 2020) ##
+v3.10.1 (October 2018)
+  - Fix usage of set_property(:services) to use set_service
-*   No changes.
+v3.10.0 (August 2018)
+  - Create `hostname` and `os` Node properties (if present)
+  - Improve parsing of `<ListItem>` tags
+  - Import `vulnerability.tags` field as expected
+  - Import `<Paragraph preformat="true">` tags as code blocks
+  - Import `<URLLink>` tags as textile links
+  - Resolve duplicate content in nested `<Paragraph>` tags
-## Dradis Framework 3.15 (November, 2019) ##
+v3.9.0 (January 2018)
+  - No changes
-*   Wrap ciphers in code blocks
+v3.8.0 (September 2017)
+  - No changes
-## Dradis Framework 3.14 (August, 2019) ##
+v3.7.0 (July 2017)
+  - Add full evidence template for exporting evidences
+  - Fix issue resulting in Evidence with null content
-*   Add risk-score attribute to nodes
-## Dradis Framework 3.13 (June, 2019) ##
-*   No changes.
-## Dradis Framework 3.12 (March, 2019) ##
-*   No changes.
-## Dradis Framework 3.11 (November, 2018) ##
-*   No changes.
-## Dradis Framework 3.10.1 (October, 2018) ##
-*   Fix usage of set_property(:services) to use set_service
-## Dradis Framework 3.10 (August, 2018) ##
-*   Resolve duplicate content in nested `<Paragraph>` tags
-*   Import `<URLLink>` tags as textile links
-*   Import `<Paragraph preformat="true">` tags as code blocks
-*   Improve parsing of `<ListItem>` tags
-*   Import `vulnerability.tags` field as expected
-*   Create `hostname` and `os` Node properties (if present)
-## Dradis Framework 3.9 (January, 2018) ##
-*   No changes.
-## Dradis Framework 3.8 (September, 2017) ##
-*   No changes.
-## Dradis Framework 3.7 (July, 2017) ##
-*   Add full evidence template for exporting evidences.
-*   Fix issue resulting in Evidence with null content.
-## Dradis Framework 3.6 (March, 2017) ##
-*   No changes.
+v3.6.0 (March 2017)
+  - No changes

data/CHANGELOG.template ADDED Viewed

@@ -0,0 +1,12 @@
+[v#.#.#] ([month] [YYYY])
+  - [future tense verb] [feature]
+  - Upgraded gems:
+    - [gem]
+  - Bugs fixes:
+    - [future tense verb] [bug fix]
+    - Bug tracker items:
+      - [item]
+  - Security Fixes:
+    - High: (Authenticated|Unauthenticated) (admin|author|contributor) [vulnerability description]
+    - Medium: (Authenticated|Unauthenticated) (admin|author|contributor) [vulnerability description]
+    - Low: (Authenticated|Unauthenticated) (admin|author|contributor) [vulnerability description]

data/dradis-nexpose.gemspec CHANGED Viewed

@@ -25,7 +25,7 @@ Gem::Specification.new do |spec|
   # versions of Rails (a sure recipe for disaster, I'm sure), which is needed
   # until we bump Dradis Pro to 4.1.
   # s.add_dependency 'rails', '~> 4.1.1'
-  spec.add_dependency 'dradis-plugins', '~> 4.0.0'
+  spec.add_dependency 'dradis-plugins', '~> 4.0'
   spec.add_dependency 'nokogiri', '~> 1.3'
   spec.add_development_dependency 'bundler'

data/lib/dradis/plugins/nexpose/gem_version.rb CHANGED Viewed

@@ -8,7 +8,7 @@ module Dradis
       module VERSION
         MAJOR = 4
-        MINOR = 0
+        MINOR = 1
         TINY = 0
         PRE = nil

data/lib/nexpose/vulnerability.rb CHANGED Viewed

@@ -8,7 +8,7 @@ module Nexpose
   # Instead of providing separate methods for each supported property we rely
   # on Ruby's #method_missing to do most of the work.
   class Vulnerability
-    SSL_CIPHER_VULN_IDS = %w[ssl-des-ciphers ssl-3des-ciphers ssl-export-ciphers ssl-null-ciphers ssl-static-key-ciphers rc4-cve-2013-2566 ssl-cve-2016-2183-sweet32 tls-dhe-export-ciphers-cve-2015-4000].freeze
+    SSL_CIPHER_VULN_IDS = %w[ssl-anon-ciphers ssl-des-ciphers ssl-3des-ciphers ssl-export-ciphers ssl-null-ciphers ssl-only-weak-ciphers ssl-static-key-ciphers rc4-cve-2013-2566 ssl-cve-2016-2183-sweet32 tls-dhe-export-ciphers-cve-2015-4000].freeze
     # Accepts an XML node from Nokogiri::XML.
     def initialize(xml_node)
@@ -115,13 +115,13 @@ module Nexpose
       result.gsub!(/<Paragraph preformat=\"true\">(.*?)<\/Paragraph>/mi){|m| "\nbc. #{ $1 }\n\n"}
       result.gsub!(/<Paragraph>(.*?)<\/Paragraph>/m){|m| "#{ $1 }\n"}
       result.gsub!(/<Paragraph>|<\/Paragraph>/, '')
-      result.gsub!(/<UnorderedList>(.*?)<\/UnorderedList>/m){|m| "#{ $1 }"}
+      result.gsub!(/<UnorderedList (.*?)>(.*?)<\/UnorderedList>/m){|m| "#{ $2 }"}
       result.gsub!(/<OrderedList(.*?)>(.*?)<\/OrderedList>/m){|m| "#{ $2 }"}
       result.gsub!(/<ListItem>|<\/ListItem>/, '')
       result.gsub!(/          /, '')
       result.gsub!(/   /, '')
       result.gsub!(/\t\t/, '')
-      result.gsub!(/<URLLink(.*)LinkURL=\"(.*?)\"(.*?)>(.*?)<\/URLLink>/i) { "\"#{$4.strip}\":#{$2.strip} " }
+      result.gsub!(/<URLLink(.*)LinkURL=\"(.*?)\"(.*?)>(.*?)<\/URLLink>/im) { "\"#{$4.strip}\":#{$2.strip} " }
       result.gsub!(/<URLLink LinkTitle=\"(.*?)\"(.*?)LinkURL=\"(.*?)\"\/>/i) { "\"#{$1.strip}\":#{$3.strip} " }
       result.gsub!(/<URLLink LinkURL=\"(.*?)\"(.*?)LinkTitle=\"(.*?)\"\/>/i) { "\"#{$3.strip}\":#{$1.strip} " }
       result.gsub!(/&gt;/, '>')

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dradis-nexpose
 version: !ruby/object:Gem::Version
-  version: 4.0.0
+  version: 4.1.0
 platform: ruby
 authors:
 - Daniel Martin
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2021-08-03 00:00:00.000000000 Z
+date: 2021-11-18 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: dradis-plugins
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 4.0.0
+        version: '4.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 4.0.0
+        version: '4.0'
 - !ruby/object:Gem::Dependency
   name: nokogiri
   requirement: !ruby/object:Gem::Requirement
@@ -107,6 +107,7 @@ files:
 - ".gitignore"
 - ".rspec"
 - CHANGELOG.md
+- CHANGELOG.template
 - CONTRIBUTING.md
 - Gemfile
 - LICENSE
@@ -171,7 +172,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.1.4
+rubygems_version: 3.1.6
 signing_key:
 specification_version: 4
 summary: Nexpose add-on for the Dradis Framework.